apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "wordpress-nginx.fullname" . }} labels: {{- include "wordpress-nginx.labels" . | nindent 4 }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "wordpress-nginx.selectorLabels" . | nindent 6 }} template: metadata: labels: {{- include "wordpress-nginx.selectorLabels" . | nindent 8 }} spec: securityContext: fsGroup: 82 fsGroupChangePolicy: "OnRootMismatch" initContainers: - name: wordpress-init image: "{{ .Values.image.wordpress.registry }}/{{ .Values.image.wordpress.repository }}:{{ .Values.image.wordpress.tag }}" imagePullPolicy: {{ .Values.image.wordpress.pullPolicy }} command: ["/bin/sh", "-c"] args: - | set -e echo "=== WordPress Initialization Started ===" echo "Copying WordPress to emptyDir..." cp -rp /usr/src/wordpress/* /var/www/html/ echo "WordPress files copied" if [ ! -d /var/www/html/wp-content/themes ]; then echo "Initializing wp-content in PVC..." cp -rp /usr/src/wordpress/wp-content/* /var/www/html/wp-content/ echo "wp-content initialized" else echo "wp-content already exists, preserving user data" fi echo "Generating wp-config.php..." cat > /var/www/html/wp-config.php << 'EOF' /dev/null || true chmod +x /tmp/wp-cli.phar echo "Waiting for database connection..." max_attempts=30 attempt=0 while [ $attempt -lt $max_attempts ]; do if php -r " \$link = @mysqli_connect('${WORDPRESS_DB_HOST}', '${WORDPRESS_DB_USER}', '${WORDPRESS_DB_PASSWORD}', '${WORDPRESS_DB_NAME}'); if (\$link) { echo 'Connected'; mysqli_close(\$link); exit(0); } exit(1); " 2>/dev/null; then echo "Database connection successful" break fi attempt=$((attempt + 1)) echo "Waiting for database... ($attempt/$max_attempts)" sleep 2 done if [ $attempt -eq $max_attempts ]; then echo "ERROR: Database connection timeout" exit 1 fi echo "Checking if WordPress is already installed..." TABLES=$(/tmp/wp-cli.phar --path=/var/www/html db query "SHOW TABLES LIKE '${WORDPRESS_TABLE_PREFIX}options';" 2>/dev/null || echo "") if [ -z "$TABLES" ]; then echo "=== Starting WordPress Installation ===" if [ -z "$WP_ADMIN_PASSWORD" ]; then WP_ADMIN_PASSWORD=$(tr -dc 'A-Za-z0-9!@#$%^&*' < /dev/urandom | head -c 16) echo "Generated admin password: $WP_ADMIN_PASSWORD" echo "$WP_ADMIN_PASSWORD" > /var/www/html/wp-content/.initial-admin-password fi INSTALL_URL="http://127.0.0.1" echo "Installing WordPress..." /tmp/wp-cli.phar --path=/var/www/html core install \ --url="$INSTALL_URL" \ --title="$WP_SITE_TITLE" \ --admin_user="$WP_ADMIN_USER" \ --admin_password="$WP_ADMIN_PASSWORD" \ --admin_email="$WP_ADMIN_EMAIL" \ --skip-email echo "=== WordPress Installation Completed ===" echo "Admin User: $WP_ADMIN_USER" if [ -f /var/www/html/wp-content/.initial-admin-password ]; then echo "Admin Password: $(cat /var/www/html/wp-content/.initial-admin-password)" fi else echo "WordPress is already installed, skipping installation" if [ -f /tmp/wp-cli.phar ]; then echo "Running WordPress core update check..." CURRENT_VERSION=$(cat /usr/src/wordpress/wp-includes/version.php | grep "wp_version = " | cut -d "'" -f 2 || echo "unknown") echo "Target WordPress version: $CURRENT_VERSION" /tmp/wp-cli.phar --path=/var/www/html core update-db 2>/dev/null || echo "No database update needed" fi fi {{- if .Values.wordpress.adsTxt.enabled }} echo "Deploying ads.txt..." cat > /var/www/html/ads.txt << 'EOF' {{ .Values.wordpress.adsTxt.content }} EOF echo "ads.txt deployed" {{- end }} echo "=== WordPress Initialization Completed ===" volumeMounts: - name: wordpress-data mountPath: /var/www/html - name: wordpress-persistent mountPath: /var/www/html/wp-content env: - name: WORDPRESS_DB_HOST value: {{ .Values.wordpress.dbHost | quote }} - name: WORDPRESS_DB_NAME value: {{ .Values.wordpress.dbName | quote }} - name: WORDPRESS_DB_USER value: {{ .Values.wordpress.dbUser | quote }} - name: WORDPRESS_DB_PASSWORD valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: db-password - name: WORDPRESS_TABLE_PREFIX value: {{ .Values.wordpress.tablePrefix | quote }} - name: WP_SITE_TITLE value: {{ .Values.wordpress.siteTitle | quote }} - name: WP_ADMIN_USER value: {{ .Values.wordpress.adminUser | quote }} - name: WP_ADMIN_PASSWORD valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: admin-password - name: WP_ADMIN_EMAIL value: {{ .Values.wordpress.adminEmail | quote }} - name: WP_AUTH_KEY valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: auth-key - name: WP_SECURE_AUTH_KEY valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: secure-auth-key - name: WP_LOGGED_IN_KEY valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: logged-in-key - name: WP_NONCE_KEY valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: nonce-key - name: WP_AUTH_SALT valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: auth-salt - name: WP_SECURE_AUTH_SALT valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: secure-auth-salt - name: WP_LOGGED_IN_SALT valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: logged-in-salt - name: WP_NONCE_SALT valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: nonce-salt - name: WORDPRESS_MULTISITE_ENABLED value: {{ .Values.wordpress.multisite.enabled | quote }} - name: WORDPRESS_MULTISITE_SUBDOMAINS value: {{ .Values.wordpress.multisite.subdomains | quote }} - name: WORDPRESS_MULTISITE_DOMAIN value: {{ .Values.wordpress.multisite.domain | quote }} securityContext: runAsUser: 82 runAsGroup: 82 containers: - name: nginx image: "{{ .Values.image.nginx.registry }}/{{ .Values.image.nginx.repository }}:{{ .Values.image.nginx.tag }}" imagePullPolicy: {{ .Values.image.nginx.pullPolicy }} ports: - name: http containerPort: 80 protocol: TCP volumeMounts: - name: wordpress-data mountPath: /var/www/html - name: wordpress-persistent mountPath: /var/www/html/wp-content - name: nginx-config mountPath: /etc/nginx/conf.d/default.conf subPath: default.conf {{- if .Values.healthCheck.enabled }} livenessProbe: {{- toYaml .Values.healthCheck.livenessProbe | nindent 12 }} readinessProbe: {{- toYaml .Values.healthCheck.readinessProbe | nindent 12 }} {{- end }} resources: {{- toYaml .Values.resources.nginx | nindent 12 }} - name: wordpress image: "{{ .Values.image.wordpress.registry }}/{{ .Values.image.wordpress.repository }}:{{ .Values.image.wordpress.tag }}" imagePullPolicy: {{ .Values.image.wordpress.pullPolicy }} command: ["php-fpm"] securityContext: runAsUser: 82 runAsGroup: 82 env: - name: WORDPRESS_DB_HOST value: {{ .Values.wordpress.dbHost | quote }} - name: WORDPRESS_DB_NAME value: {{ .Values.wordpress.dbName | quote }} - name: WORDPRESS_DB_USER value: {{ .Values.wordpress.dbUser | quote }} - name: WORDPRESS_DB_PASSWORD valueFrom: secretKeyRef: name: {{ include "wordpress-nginx.fullname" . }}-secret key: db-password - name: WORDPRESS_TABLE_PREFIX value: {{ .Values.wordpress.tablePrefix | quote }} volumeMounts: - name: wordpress-data mountPath: /var/www/html - name: wordpress-persistent mountPath: /var/www/html/wp-content resources: {{- toYaml .Values.resources.wordpress | nindent 12 }} volumes: - name: wordpress-data emptyDir: {} - name: wordpress-persistent {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ include "wordpress-nginx.fullname" . }}-pvc {{- else }} emptyDir: {} {{- end }} - name: nginx-config configMap: name: {{ include "wordpress-nginx.fullname" . }}-nginx-config {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }}